https://gitlab.synchro.net/main/sbbs/-/commit/7b48c6a6bb234217b80c2695
Modified Files:
src/smblib/smblib.c
Log Message:
Prevent votes/polls from corrupting hyper-allocated message bases
smb_addmsg() has always forced hyper-allocated storage when the base's status.attr has SMB_HYPERALLOC set, but smb_addvote(), smb_addpoll() and smb_addpollclosure() passed the caller's storage mode (typically derived
from the sub's configured storage setting via smb_storage_mode()) straight through to smb_addmsghdr(). On a message base whose header file carries
the SMB_HYPERALLOC attribute while the sub is configured for fast or
self-pack allocation, a vote/poll header was then allocated via
smb_fallochdr() or smb_allochdr() against allocation files that hyper-allocation deliberately does not maintain, yielding an offset inside existing headers: the new header overwrote a live message header and
(spanning two blocks) overran the following one, destroying two messages
per vote and leaving the base unreadable (smb_getmsghdr "corrupt message
header ID" errors; chksmb "Duplicate Index Offsets" and "Overlapping
Headers").
Guard the header-storage branch in smb_new_msghdr() instead: if the base's persisted attr says hyper-allocated, force SMB_HYPERALLOC storage no
matter what the caller passed. This protects every header-adding path, including any direct smb_addmsghdr() caller.
Observed in the wild on the DEBATE sub of Vertrauen (its msgs.ini config selects fast allocation, but the 26-year-old base file is branded SMB_HYPERALLOC): the first votes cast on it destroyed messages #16-#19.
Fixes issue #1181
Co-Authored-By: Claude Fable 5 <
noreply@anthropic.com>
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net